In my registrations there will be a lot more options added onto it ( facebook.etc ) and I'm wondering whether there is a better way to add them all without hard coding(?) then in. Also any suggestions to improve the code is appreciated.

29th March 2012
Last edited by StinkyJoe; 29th March 2012 at 08:55PM.
Post #1445

In my registrations there will be a lot more options added onto it ( facebook.etc ) and I'm wondering whether there is a better way to add them all without hard coding(?) then in. Also any suggestions to improve the code is appreciated.

Use a separate table for the different services. For example, represented as a pseudo-schema:

▤ table user :
╠ id
╠ name
╠ password
╠ password_schema
╚ etc

▤ table services :
╠ user_id
╠ service_id
╚ etc

The service_id can also be used to join with a services table, or just a constant value that you use to identify the service. This isn't a 100% flexible solution as you'll still have to settle with a schema for how individual service data is stored, but it's a good middle-ground that doesn't go off into the more complex end of things.

Use a separate table for the different services. For example, represented as a pseudo-schema:

▤ table user :
╠ id
╠ name
╠ password
╠ password_schema
╚ etc

▤ table services :
╠ user_id
╠ service_id
╚ etc

The service_id can also be used to join with a services table, or just a constant value that you use to identify the service. This isn't a 100% flexible solution as you'll still have to settle with a schema for how individual service data is stored, but it's a good middle-ground that doesn't go off into the more complex end of things.

Maybe I should start learning something about server stuff... I have no idea what to do to make a VPS working and host websites on it with features I can't do with shared hosting. But I don't see any way of learning it without first renting one, and it feels kinda stupid to spend money on something alien to me.

PM me if you like, I have a VPS I'm not using currently that you can have a play on if you like, I'll give you some help if you need any, not that I know loads about VPS' myself

P.S.: Yeah, I know some fields in "posts" table are not necessary, but I'm still learning, so didn't knew about some stuff.

A couple of hints here: the 'text' type is designed for storing data that's several kilobytes long, you probably shouldn't use it for the password, pin, or salt. It's fine to use it for the post description though. Secondly, (this is just stylistic though) you should prefer to use symbols rather than strings in migrations. Thirdly, why have you got a string column called 'user' in your posts table?

Anyway, with regard to your actual problem, can you see if something like this works as expected:

User.where("pin = ?", "753e345a113471a6775e242f444704fe")

30th March 2012
Last edited by Gibo990; 30th March 2012 at 03:45PM.
Post #1450

So I've changed the #wrapper width to 50% and it now looks like ebuyers where there is two gaps either side and a middle part where the content goes. I have a feeling I shouldn't be doing this so any help would be very appreciated. If it's right do I just use a background: url...... in the wrapper?

Probably a basic question but i've just started learning HTML and CSS.

I want to have a background image similar to how www.ebuyer.com have theirs. I was just wondering how they went about doing that?

// code.

So I've changed the #wrapper width to 50% and it now looks like ebuyers where there is two gaps either side and a middle part where the content goes. I have a feeling I shouldn't be doing this so any help would be very appreciated. If it's right do I just use a background: url...... in the wrapper?

http://ezyimg.info/v/2L43HBcPBev.jpg basic template that you can use, the white is where the content comes ( I'm guesing your content is 1000px in width ). To save filesize on the background you can delete the part of the image that the content is covering.

A couple of hints here: the 'text' type is designed for storing data that's several kilobytes long, you probably shouldn't use it for the password, pin, or salt. It's fine to use it for the post description though. Secondly, (this is just stylistic though) you should prefer to use symbols rather than strings in migrations. Thirdly, why have you got a string column called 'user' in your posts table?

Anyway, with regard to your actual problem, can you see if something like this works as expected:

User.where("pin = ?", "753e345a113471a6775e242f444704fe")

Thanks for the info regarding the table. And I have a user column because I forgot about user_id..
Anyhow, the method you posted doesn't seem to work as expected..

On my acer laptop that overheats when I start up windows media player?

I think something like this would lend itself to a platform like the Raspberry Pi You could easily install a Linux OS that supports ARM, and install a web server that supports ARM on it to just learn how to configure the servers. Then connect the Pi to your network and play around with web development.

31st March 2012
Last edited by Kopimi; 31st March 2012 at 03:53AM.
Post #1457

hey guys, on my website login screen, user puts in his password and username, I then check in php ( sha1 + salt ) if it matches with the one with the MySQL server , if it does I do
session_regenerate_id();
$_SESSION['valid']=1;
$_SESSION['userid'] = $username;

I then check on every other page
if(isset($_SESSION['valid']) && $_SESSION['valid'])

hey guys, on my website login screen, user puts in his password and username, I then check in php ( sha1 + salt ) if it matches with the one with the MySQL server , if it does I do
session_regenerate_id();
$_SESSION['valid']=1;
$_SESSION['userid'] = $username;

I then check on every other page
if(isset($_SESSION['valid']) && $_SESSION['valid'])

is this safe?

It's definitely not the best solution, but it's not really unsafe as long as you protect against session jacking.

hey guys, on my website login screen, user puts in his password and username, I then check in php ( sha1 + salt ) if it matches with the one with the MySQL server , if it does I do
session_regenerate_id();
$_SESSION['valid']=1;
$_SESSION['userid'] = $username;

I then check on every other page
if(isset($_SESSION['valid']) && $_SESSION['valid'])

is this safe?

You can just do

$_SESSION['valid']=TRUE;
if($_SESSION['valid']){
//Do Things
}

Pretty sure thats how most sites do it,

Personally i store the users ID, a hashed password (hmac), expiry time and a cookie hash in a string in a cookie and use a Regular Expression to separate it into an array and validate the users password every time they visit the site.

My system is quite hacked together because I was using a cookie generated by forum software so im not going to share it but the cookie works like this,